Tivoli Business Service Manager
by IBM
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-3031 | 0.00 | — | 0.00 | Aug 12, 2014 | Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 4.2.0 before 4.2.0.0 IF12 and 4.2.1 before 4.2.1.3 IF9 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||
| CVE-2008-0441 | 0.00 | — | 0.00 | Jan 25, 2008 | IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external authentication, which triggers writing the password to SM_server.log; and (2) after a reconfig action; which allows local users to obtain sensitive information. | ||
| CVE-2007-1940 | 0.00 | — | 0.00 | Apr 11, 2007 | IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log. |
- CVE-2014-3031Aug 12, 2014risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 4.2.0 before 4.2.0.0 IF12 and 4.2.1 before 4.2.1.3 IF9 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
- CVE-2008-0441Jan 25, 2008risk 0.00cvss —epss 0.00
IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external authentication, which triggers writing the password to SM_server.log; and (2) after a reconfig action; which allows local users to obtain sensitive information.
- CVE-2007-1940Apr 11, 2007risk 0.00cvss —epss 0.00
IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log.